The present paper focuses on the problems of verifying compliance for global achievement and maintenance obligations. We first introduce the elements needed to identify and study compliance to these two classes of obligations in processes. Additionally, we define procedures and algorithms to efficiently deal with the identified compliance problem. We finally show that both algorithms proposed in t...
View full abstract»

Assuring system integrity to a remote communication partner through attestation is a security concept which also is very important for safety-critical systems facing security threats. Most remote attestation methods are based on integrity measurement mechanisms embedded in the underlying hardware or software (e.g. operating system). Alternatively, the application software can measure itself, where...
View full abstract»

The OSEK/VDX specification is a standard for automotive operating systems, i.e., operating systems for mobile vehicles. The specification is described in a natural language. Thus, it is difficult to verify the conformity that the automotive operating systems follow this standard due to its ambiguity. We think that such standard has to be formally described enough to ensure that final products conf...
View full abstract»

In design of dependable software for real-time embedded systems, the interrupt mechanism plays an important role. Due to the randomicity and nondeterminism of interrupt handling behaviors, the analysis about program behaviors as well as time properties is an important but challenging problem. In a previous work, we presented a small but expressive language for interrupt-driven programs, and sugges...
View full abstract»

Due to the inherent complexity of the concurrent behavior, it is difficult to ensure the program satisfies the concurrent properties. CSP#, as a formal language, is used to model the program and the properties can be verified on the CSP# model. It is desirable to have a transformation technique from the CSP# model to the implementation. We implement the CSP# operators in a C# library “PAT.R...
View full abstract»

It is our pleasure to welcome you to the 8th International Workshop on Mutation Analysis, Mutation 2013. Mutation analysis is a powerful and widely applicable technique for software testing. The 8th edition of this workshop brought together researchers and practitioners from a variety of research areas to exchange ideas and present new results on this fascinating testing technique. Expert reviewer...
View full abstract»

Testing of security policies is a critical activity and mutation analysis is an effective approach for measuring the adequacy of a test suite. In this paper, we propose a set of mutation operators addressing specific faults of the XACML 2.0 access control policy and a tool, called XACMUT (XACml MUTation) for creating mutants. The tool generates the set of mutants, provides facilities to run a give...
View full abstract»

Delegation is an important dimension of security that plays a crucial role in the administration mechanism of access control policies. Delegation may be viewed as an exception made to an access control policy in which a user gets right to act on behalf of other users. This meta-level characteristic together with the complexity of delegation itself make it crucial to ensure the correct enforcement ...
View full abstract»

Faults in model transformations will result in defective models, and eventually defective code. Correction of defects at the code level is considered very late and is often expensive. Uncorrected defects in the models will propagate to other artifacts; thus, adversely affecting the quality of the end product. Moreover, defect propagation may result in a system that does not meet the stakeholders' ...
View full abstract»

Random testing is inexpensive, but it can also be inefficient. We apply mutation analysis to evolve efficient subdomains for the input parameters of eight benchmark programs that are frequently used in testing research. The evolved subdomains can be used for program analysis and regression testing. Test suites generated from the optimised subdomains outperform those generated from random subdomain...
View full abstract»

Mutation analysis is an effective way to assess the quality of input values and test oracles. Yet, since this technique requires the generation and execution of many mutants, it often incurs a substantial computational cost. In the context of program mutation, the use of mutant schemata and parallelisation can reduce the costs of mutation analysis. This paper is the first to apply these approaches...
View full abstract»

The 8th Workshop on Testing: Academic and Industrial Conference - Practice and Research Techniques (TAIC PART 2013) brings together representatives of both industry and academia to foster discussion and collaboration on software testing problems of high practical relevance. This paper summarizes the workshop TAIC PART 2013 and its contributions.
View full abstract»

Manual regression testing can be a time-intensive and costly activity. Required efforts can be reduced by selecting only the tests for re-testing that verify actually modified system parts. However, if testers are not familiar with the system implementation the selection of relevant test cases may become difficult. In this paper we report on our experiences with the development of a tool-based app...
View full abstract»

Recent empirical work has shown that some of the most frequently applied Java-based refactorings relate to the manipulation of code conditionals and flags. The logic of such code is often complex and difficult to test regressively. One open research issue thus relates to the fault-proneness profiles of classes where these refactorings have been applied, vis-a-vis refactorings on other classes. In ...
View full abstract»

Locating defects in the source code of a software system is one of the most challenging tasks in software debugging. Defect localization tools aim to assist developers in finding the location of defects. Both static and dynamic analysis approaches are used. In the case of dynamic approaches, two different scenarios apply. The first is one in which we have multiple (different) executions that exhib...
View full abstract»

We present the first fully automated approach for the verification of Rhapsody statecharts. IBM's Rhapsody framework is widely used in the automotive industry to model embedded reactive systems. The reactive behavior is specified using Rhapsody's statechart formalism and controls the entire system. Hence, it is crucial to ensure the safety properties of statecharts. Therefore, we constructed a mod...
View full abstract»

Software testing plays a major role in determining the quality of software products. Testing activities are influenced by the available methods and tools, but also by the non-technical aspects of the software development process. The scope of the study is to explore how testing activities are organized in Norwegian companies, and factors that influence the creation of a testing department, or enco...
View full abstract»

The page object pattern is used in the context of web testing for abstracting the application's web pages in order to reduce the coupling between test cases and application under test. This paper reports on an industrial case study in a small Italian company (eXact learning solutions S.p.A.) investigating the potential benefits of adopting the page object pattern to improve the maintainability of ...
View full abstract»

This industrial contribution describes a tool support approach to assessing the quality of relational databases. The approach combines two separate audits - an audit of the database structure as described in the schema and an audit of the database content at a given point in time. The audit of the database schema checks for design weaknesses, data rule violations and deviations from the original d...
View full abstract»